Attack Surface Management (ASM)

Weekly Cybersecurity Breach Report June 24-30, 2025

The final week of June 2025 marked one of the most devastating periods in cybersecurity history, with unprecedented credential theft affecting 16 billion login credentials and a surge in sophisticated nation-state attacks targeting critical infrastructure and major corporations. This period witnessed the emergence of advanced AI-powered attack techniques, including deepfake Zoom meetings by North Korean…

Zero Auth, Full Control: Inside the Critical vBulletin CVE-2025-48827

Zero-day vulnerabilities are a serious threat to organizations all over the world in the constantly evolving field of cybersecurity. Recently, a critical vulnerability known as CVE-2025-48827 surfaced, leaving systems vulnerable to privilege escalation alongside remote code execution (RCE) attacks. This blog post provides an in-depth analysis of the vulnerability, a step-by-step exploitation guide, and actionable…

Weekly Cybersecurity Breach Report: June 19–25, 2025

This week’s landscape was dominated by sophisticated espionage and ransomware campaigns spanning telecommunications, insurance, finance, supply chain, critical infrastructure, and software supply chains. State-sponsored and criminal threat actors alike leveraged zero-day exploits, social engineering, code-signing abuse, and destructive malware to breach high-value targets. Key incidents include the Salt Typhoon compromise of Cisco infrastructure, Scattered Spider’s…

Understanding CVE-2025-34028, Commvault’s Critical Pre-Auth RCE Vulnerability

In April 2025, a critical pre-auth Remote Code Execution vulnerability, CVE-2025-34028, was discovered in Commvault Command Center. This vulnerability allows attackers to achieve remote code execution without authentication by exploiting a Server-Side Request Forgery (SSRF) and a path traversal issue that enables uploading and executing malicious ZIP files. With a CVSS score of 10.0, this…

The Future of AI Pen Testing: Insights from Bruce Schneier & Renee Guttman At Cyber Risk Alliance Event, USA

At a May 2025 executive panel hosted by Cyber Risk Alliance, security influencers Bruce Schneier and Renee Guttman delivered a clear message: cybersecurity must evolve from static checks to continuous, intelligent validation. Their perspectives are especially close to home for us — both Renee and Bruce are Strategic Advisors at FireCompass, helping guide our mission to bring ethical, AI-powered…